Joined: 12 May 2004
|Posted: Tue Oct 18, 2011 7:26 pm Post subject: [ GLSA 201110-13 ] Tor: Multiple vulnerabilities
|Gentoo Linux Security Advisory
Title: Tor: Multiple vulnerabilities (GLSA 201110-13)
Date: October 18, 2011
Bug(s): #351920, #359789
Multiple vulnerabilities were found in Tor, the most severe of
which may allow a remote attacker to execute arbitrary code.
Tor is an implementation of second generation Onion Routing, a
connection-oriented anonymizing communication service.
Vulnerable: < 0.2.1.30
Unaffected: >= 0.2.1.30
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in Tor. Please review the
CVE identifiers referenced below for details.
A remote unauthenticated attacker may be able to execute arbitrary code
with the privileges of the Tor process or create a Denial of Service.
There is no known workaround at this time.
All Tor users should upgrade to the latest version:
NOTE: This is a legacy GLSA. Updates for all affected architectures are
|# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.1.30"
available since April 2, 2011. It is likely that your system is already
no longer affected by this issue.